[Samba] Re: Domain admins not getting local admin rights
Robert M. Martel
bob at urban.csuohio.edu
Fri Jan 28 17:45:08 GMT 2005
On 01/28/2005 10:33 AM, Morgan Toal wrote:
> Hi there,
>
> Thanks to everyone for their suggestions.
>
> Unfortunately, I must be missing something, I did delete the
> group_mappings.tdb and re-create my groups. This has not improved the
> situation unfortunately.
>
> Where else might I look?
...
I saw a problem like this when testing Samba 3 on Solaris 9. I had to
make sure that the "domain admin" group mapped to the unix group that I
wanted *and* that unix group had to be the PRIMARY group for the user in
question.
Under Samba 2 I had several users that were in the unix "ntadmin" group
as one of their secondary groups and my smb.conf was set accordingly.
Everything worked as expected.
Under Samba 3 I mapped the "Domain Admin" group o the same unix group -
but the users never received the administrative privileges. I payed
around for a bit and finally tried mapping "Domain Admin" to my primary
group and then I was able to receive the administrative privileges.
I asked on the list at the time if this was the expected behavior -
which is to say Samba ignored the user's secondary group for this role,
or if I had happened upon a bug. I did not receive an answer at the time.
-Bob Martel
--
***********************************************************************
Bob Martel,System Administrator I met someone who looks a lot like you
Levin College of Urban Affairs She does the things you do
Cleveland State University But she is an IBM
(216) 687-2214
bob at urban.csuohio.edu -Jeff Lynne
***********************************************************************
More information about the samba
mailing list